package studio.xiaoyun.web.controller.rest;

import com.alibaba.fastjson.JSON;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.*;
import studio.xiaoyun.core.constant.Permission;
import studio.xiaoyun.core.dao.IPermissionDao;
import studio.xiaoyun.core.dao.IRoleDao;
import studio.xiaoyun.core.entity.PermissionEntity;
import studio.xiaoyun.core.entity.RoleEntity;
import studio.xiaoyun.core.exception.InvalidParameterException;
import studio.xiaoyun.core.parameter.PermissionParameter;
import studio.xiaoyun.core.parameter.RoleParameter;
import studio.xiaoyun.core.service.IRoleService;
import studio.xiaoyun.security.annotation.RequirePermission;
import studio.xiaoyun.web.ParameterUtil;
import studio.xiaoyun.web.RestResult;
import studio.xiaoyun.web.resource.PermissionResource;
import studio.xiaoyun.web.resource.ResourceUtil;
import studio.xiaoyun.web.resource.RoleResource;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Collections;
import java.util.List;

/**
 * 角色相关
 */
@RestController
@RequestMapping("/v1/role")
public class RoleRestController {
    @Resource
    private IRoleDao roleDao;
    @Resource
    private ResourceUtil resourceUtil;
    @Resource
    private IPermissionDao permissionDao;
    @Resource
    private IRoleService roleService;

    /**
     * 创建角色
     * @param name 角色名称
     * @param description 角色描述
     * @return 角色信息
     */
    @RequirePermission(Permission.ROLE_CREATE)
    @RequestMapping(value = "", method = RequestMethod.PUT)
    public RestResult createRole(String name,String description){
        String roleId = roleService.createRole(name,description);
        RoleEntity roleEntity = roleDao.getById(roleId);
        List<RoleResource> resources = resourceUtil.toResource(Collections.singletonList(roleEntity),null,RoleResource.class);
        return new RestResult(1L,resources);
    }

    /**
     * 更新角色基本信息
     * @param roleId 角色id
     * @param name 角色名称
     * @param description 角色描述
     */
    @RequirePermission(Permission.ROLE_UPDATE)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    @RequestMapping(value = "/{id:\\S{32}}", method = RequestMethod.POST)
    public void updateRole(@PathVariable("id") String roleId, String name,String description){
        RoleEntity role = new RoleEntity();
        role.setRoleId(roleId);
        role.setName(name);
        role.setDescription(description);
        roleService.updateRole(role);
    }

    /**
     * 批量删除角色
     * @param roleId 角色id，json格式的列表，例如：["aaaadd","bbbbb"]
     */
    @RequirePermission(Permission.ROLE_DELETE_ALL)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    @RequestMapping(value = "", method = RequestMethod.DELETE)
    public void deleteRole(String roleId){
        if(StringUtils.isBlank((roleId))){
            throw new InvalidParameterException("roleId参数不能为空");
        }
        List<String> list = JSON.parseArray(roleId,String.class);
        roleService.deleteRole(list);
    }

    /**
     * 获得所有角色
     * @param request http请求
     * @return 角色信息
     */
    @RequirePermission(Permission.ROLE_GET_ALL)
    @RequestMapping(value = "", method = RequestMethod.GET)
    public RestResult getRoleByParameter(HttpServletRequest request) {
        RoleParameter param = ParameterUtil.getParameter(request, RoleParameter.class);
        long count = roleDao.getRoleCountByParameter(param);
        List<RoleEntity> list = roleDao.getRolesByParameter(param);
        List<RoleResource> resources = resourceUtil.toResource(list, param, RoleResource.class);
        return new RestResult(count, resources);
    }

    /**
     * 获得角色拥有的权限
     * @param request http请求
     * @return 权限列表
     */
    @RequirePermission(Permission.PERMISSION_GET_BY_ROLEID)
    @RequestMapping(value = "/{id:\\S{32}}/permission", method = RequestMethod.GET)
    public RestResult getPermissionByRoleId(HttpServletRequest request, @PathVariable("id") String roleId) {
        PermissionParameter param = ParameterUtil.getParameter(request, PermissionParameter.class);
        long count = permissionDao.getPermissionCountByRoleId(roleId, param);
        List<PermissionEntity> list = permissionDao.getPermissionsByRoleId(roleId, param);
        List<PermissionResource> resources = resourceUtil.toResource(list, param, PermissionResource.class);
        return new RestResult(count, resources);
    }

    /**
     * 设置角色拥有的权限
     * @param permissionId 权限id，json格式的列表,如果为空，则表示删除角色拥有的所有权限
     */
    @RequirePermission(Permission.ROLE_UPDATE_PERMISSION)
    @ResponseStatus(HttpStatus.NO_CONTENT)
    @RequestMapping(value = "/{id:\\S{32}}/permission", method = RequestMethod.POST)
    public void setRolePermission(@PathVariable("id") String roleId, String permissionId) {
        List<String> list = null;
        if(StringUtils.isNotBlank(permissionId)){
            list = JSON.parseArray(permissionId,String.class);
        }
        roleService.setRolePermission(roleId,list);
    }

}
